[Qa-jenkins-scm] [jenkins.debian.net] 03/04: reproducible_openwrt|lede: node_save_logs: check input and hardcode paths
Holger Levsen
holger at layer-acht.org
Thu Oct 13 11:13:39 UTC 2016
This is an automated email from the git hooks/post-receive script.
holger pushed a commit to branch master
in repository jenkins.debian.net.
commit e519b9aad5475758b36cfebfcdd3fec9c484c3fa
Author: Alexander Couzens <lynxis at fe80.eu>
Date: Thu Oct 13 02:12:21 2016 +0200
reproducible_openwrt|lede: node_save_logs: check input and hardcode paths
improves the security if called over ssh and simplify the script.
Signed-off-by: Holger Levsen <holger at layer-acht.org>
---
bin/reproducible_openwrt_common.sh | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
diff --git a/bin/reproducible_openwrt_common.sh b/bin/reproducible_openwrt_common.sh
index 23c2668..3e1098a 100644
--- a/bin/reproducible_openwrt_common.sh
+++ b/bin/reproducible_openwrt_common.sh
@@ -74,11 +74,21 @@ create_results_dirs() {
mkdir -p $BASE/$project/dbd
}
+# node_save_logs can be called over ssh OR called within openwrt_build
node_save_logs() {
- local TYPE=$1
- local RUN=$2
+ local tmpdir=$1
- tar cJf "$TMPDIR/$RUN/logs_${TYPE}.tar.xz" logs/
+ if [ "${tmpdir:0:26}" != "/srv/reproducible-results/" ] || [ ${#tmpdir} -le 26 ] ; then
+ echo "Something very strange with \$TMPDIR=$tmpdir exiting instead of doing node_save_logs."
+ exit 1
+ fi
+
+ if [ ! -d "$tmpdir/build/logs" ] ; then
+ # we create an empty tar.xz instead of failing
+ touch "$tmpdir/build_logs.tar.xz"
+ else
+ tar cJf "$tmpdir/build_logs.tar.xz" -C "$tmpdir/build/logs"
+ fi
}
# RUN - is b1 or b2. b1 for first run, b2 for second
@@ -297,7 +307,7 @@ openwrt_build() {
[ "$TYPE" = "openwrt" ] && save_openwrt_results $RUN
# copy logs
- node_save_logs $TMPDIR/build_logs.tar.xz $TMPBUILDDIR
+ node_save_logs "$TMPDIR"
# clean up between builds
openwrt_cleanup
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/qa/jenkins.debian.net.git
More information about the Qa-jenkins-scm
mailing list